#VU41192 Code Injection in libproxy - CVE-2012-5580

Cybersecurity Help s.r.o.

Published: 2014-10-28 | Updated: 2020-08-10

Vulnerability identifier: #VU41192

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2012-5580

CWE-ID: CWE-94

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libproxy
Other software / Other software solutions

Vendor: libproxy

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Format string vulnerability in the print_proxies function in bin/proxy.c in libproxy 0.3.1 might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a proxy name, as demonstrated using the http_proxy environment variable or a PAC file.

Mitigation
Install update from vendor's website.

Vulnerable software versions

libproxy: 0.3.1

External links
https://www.securityfocus.com/bid/56712
https://bugzilla.novell.com/show_bug.cgi?id=791086
https://bugzilla.redhat.com/show_bug.cgi?id=883100
https://code.google.com/p/libproxy/source/detail?r=475
https://exchange.xforce.ibmcloud.com/vulnerabilities/80340

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Code Injection in libproxy